The Blockspare plugin for WordPress has a security issue called Stored Cross-Site Scripting. This can happen when someone adds a new post using the latest post block. The problem is that the plugin doesn’t clean up the text properly, so it allows attackers to add harmful code to the page. This can affect any user who visits the page with the harmful code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
